Home Verkennen Help
Inloggen
troy
/
oa
1
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Boom: 10e9c443ea
Aftakkingen Labels
oa
/
app
/
api
/
middleware
/
Auth.php

Auth.php 2.6 KB
Geschiedenis Ruwe

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061 
  1. <?php
    2. 

  2. /**
    3. 

  3. +-----------------------------------------------------------------------------------------------
    4. 

  4. * GouGuOPEN [ 左手研发,右手开源,未来可期!]
    5. 

  5. +-----------------------------------------------------------------------------------------------
    6. 

  6. * @Copyright (c) 2021~2024 http://www.gouguoa.com All rights reserved.
    7. 

  7. +-----------------------------------------------------------------------------------------------
    8. 

  8. * @Licensed 勾股OA,开源且可免费使用,但并不是自由软件,未经授权许可不能去除勾股OA的相关版权信息
    9. 

  9. +-----------------------------------------------------------------------------------------------
    10. 

  10. * @Author 勾股工作室 <hdm58@qq.com>
    11. 

  11. +-----------------------------------------------------------------------------------------------
    12. 

  12. */
    13. 

  13. 

  14. namespace app\api\middleware;
    15. 

  15. 

  16. use Firebase\JWT\JWT;
    17. 

  17. use Firebase\JWT\Key;
    18. 

  18. use think\facade\Request;
    19. 

  19. use think\Response;
    20. 

  20. 

  21. class Auth
    22. 

  22. {
    23. 

  23.     public function handle($request, \Closure $next)
    24. 

  24.     {
    25. 

  25.         $token = Request::header('Token');
    26. 

  26.         if ($token) {
    27. 

  27.             if (count(explode('.', $token)) != 3) {
    28. 

  28.                 return json(['code'=>404,'msg'=>'非法请求']);
    29. 

  29.             }
    30. 

  30. 			$config = get_system_config('token');
    31. 

  31. 			//var_dump($config);exit;
    32. 

  32.             try {
    33. 

  33. 				JWT::$leeway = 60;//当前时间减去60,把时间留点余地
    34. 

  34. 					$decoded = JWT::decode($token, new Key($config['secrect'], 'HS256')); //HS256方式,这里要和签发的时候对应
    35. 

  35. 					//return (array)$decoded;
    36. 

  36. 					$decoded_array = json_decode(json_encode($decoded),TRUE);
    37. 

  37. 					$jwt_data = $decoded_array['data'];
    38. 

  38. 					//$request->uid = $jwt_data['userid'];
    39. 

  39. 					define('JWT_UID', $jwt_data['userid']);
    40. 

  40. 					$response = $next($request);
    41. 

  41. 					return $response;
    42. 

  42. 					//return $next($request);
    43. 

  43. 				} catch(\Firebase\JWT\SignatureInvalidException $e) {  //签名不正确
    44. 

  44. 					return json(['code'=>403,'msg'=>'签名错误']);
    45. 

  45. 				}catch(\Firebase\JWT\BeforeValidException $e) {  // 签名在某个时间点之后才能用
    46. 

  46. 					return json(['code'=>401,'msg'=>'token失效']);
    47. 

  47. 				}catch(\Firebase\JWT\ExpiredException $e) {  // token过期
    48. 

  48. 					return json(['code'=>401,'msg'=>'token已过期']);
    49. 

  49. 				}catch(Exception $e) {  //其他错误
    50. 

  50. 					return json(['code'=>404,'msg'=>'非法请求']);
    51. 

  51. 				}catch(\UnexpectedValueException $e) {  //其他错误
    52. 

  52. 					return json(['code'=>404,'msg'=>'非法请求']);
    53. 

  53. 				} catch(\DomainException $e) {  //其他错误
    54. 

  54. 					return json(['code'=>404,'msg'=>'非法请求']);
    55. 

  55. 				}
    56. 

  56.         } else {
    57. 

  57.             return json(['code'=>404,'msg'=>'token不能为空']);
    58. 

  58.         }
    59. 

  59.         return $next($request);
    60. 

  60.     }
    61. 

  61. }
    62.